Openssl: >> Openssl Security Vulnerabilities
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
CVSS Score
5.0
EPSS Score
0.36
Published
2002-08-12
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.
CVSS Score
5.0
EPSS Score
0.05
Published
2001-07-10
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
CVSS Score
5.0
EPSS Score
0.014
Published
2000-06-12
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVSS Score
7.5
EPSS Score
0.032
Published
1999-03-22
Page 30